RE: CEH training

["Torig" <torig () gov-fbi net>]

Hello Gregory,

I went through the CEH self-study guide (v3) a few months back and noticed
the same short-comings as were mentioned before on the list.
However, in all fairness, the exam had _little_ to do with the actual
courseware.
This might sound negative, but actually in this case turned out to be a
very nice surprise. Where I found the study guide to be lacking technical
depth and methodologies, I was asked to interprete tools output and more
on the exam.
Unfortunately, I cannot be any more specific than this - off or on list.

Also, keep in mind their course seems to have undergone a major update (v4
has been released, and they supplement their pen testing track with E|CSA
(Ec-council certified security analyst) for which the course is mandatory.
And the summum should be the workshop one has to attend before being able
to call himself the LPT (licensed penetration tester).

Unfortunately, I haven't seen the CSA nor the LPT courseware, so can't
comment on it, but it certainly looks likee they are doing a lot of effort
!

As a side-question:
I'm attending the Advanced Ethical Hacking: Expert Penetration Testing
course, given by Jack Koziol (author of the Shellcoders' Handbook) this
summer.
What helped me in choosing InfoSecInstitute is that the course runs from
8-5 and from 18 - 22.30 you can exercise (through CTF's in the lab), which
gives a very good amount of hands-on experience for a week's worth of
training ;-)
Does any one on the list have experience with this course ? Did you like it?
Were the CTF exercises any good/representative of a real-world situation ?

Thanks,
Kind regards,

Roger 'Torig' Sels


On Wed, June 22, 2005 8:30 pm, glemmon () onealwebster com said:
>  Thank you all for your comments, suggestions and recommendations. This is
> my
> take away from your feedback: The CEH cert needs some improvement, in that
> it
> is 1) very Tools oriented 2) more windows than *nix oriented (not
> necessarily
> a bad thing considering the average Windows Admin is light years behind
> the
> average *nix Admin in general network and sys know how) 3) Good training
> is
> very dependent on the Instructor you get (this is probably the issue in a
> lot
> of cases not just CEH cert/training).
>
> A lot of you that responded seem to have overlooked a minor detail though
> - I
> need something (training offering) preferably in an online format, I will
> not
> be able to travel for another two months project completion deadlines.
>
> I have looked at the SANS@Home course "Hacker Techniques, Exploits &
> Incident
> Handling" Instructor - Ed Skoudis and that is what I am leaning towards
> enrolling in. I also looked at ISECOM, Learn Security Online, SensePost
> and
> Foundstone. All are impressive in their syllabus/course outline and I know
> from reading some of the books from the Hacking Exposed series as well as
> other general reading that these institutions and their instructors are
> held
> in high esteem in the Infosec World, well with the exception of the Learn
> Security Online establishment. I could not get enough background
> information
> from their website about them.
>
> I really appreciate all the feed back, and you guys please keep up the
> great
> work of community building and knowledge sharing. I hope to be making my
> contribution to this list in a little while as a pen-tester :-)!!!
>
> Gregory
>
>
> -----Original Message-----
> From: Zuromski, Brian [mailto:brzurom () tycho ncsc mil]
> Sent: Wednesday, June 22, 2005 9:08 AM
> To: 'pen-test () securityfocus com'
> Cc: 'Richard Zaluski'
> Subject: RE: CEH training
>
>    I actually attended a CEH workshop.  Although it was only a sales pitch
> into what the class would be about we actually got to keep the class book.
> It doesn't really teach the theory in hacking....although they have a
> short
> section on what is a hacker and what keeps someone 'ethical'.  Then they
> proceed to show you how to use 5000 different WINDOZE apps that constitute
> hacking into networks and systems 'ethically' of course.  I just thought
> it
> was more for windows people who are curious and want to know how to
> enumerate
> targets. (IMHO it is just information you could get elsewhere) I thought
> it
> was too dependant on tools, and not strong on actually how to collect
> information manually. If they would introduce linux into the class then I
> would absolutely get the CEH cert as everyone knows most windows tools are
> based off of $nix tools that have been around and you have to know what
> your
> doing when you use the $nix tools forcing more theory and know how into
> the
> class that could help people understand across the board.....
>     I will say this, the instructor who did this (Don), was extremely
> knowledgeable and knows the unix/windoze/network side of things, so if you
> get a good instructor it might pay off on the way the apps are working to
> collect information and enumerate targets....and that is what you need to
> be
> a pen-tester!
>
>
>
> -----Original Message-----
> From: Richard Zaluski [mailto:rzaluski () ivolution ca]
> Sent: Saturday, June 18, 2005 7:33 PM
> To: glemmon () onealwebster com; pen-test () securityfocus com
> Subject: RE: CEH training
>
>
> The issue we find with these courses is that they tend to be encyclopedic
> in
> nature.  They teach you how to 'hack a box' rather then provide you with
> the
> skills a professional security tester needs.
>
> iVOLUTION currently has two Penetration Courses that we teach at IBM, its
> security staff and worldwide partners. Our classes are based upon the
> skills
> you need to become an efficient and resourceful security professional
>
> There are a few good courses out there that deal with Penetration Testing,
> not just ours. I would look for classes that deal specifically with Pen
> Testing rather than 'hacking'
>
> There is much more to being a pen tester than hacking. It's knowing the
> tools, techniques, methodologies and resources as well as understanding
> how
> to research exploits and properly assess networks and target systems. This
> is
> in conjunction with understanding the legalisms associated with testing
> that
> varies greatly in different countries, states, provinces and regions.
>
> As for online courses of this nature, I have not seen one as yet but I do
> understand time is an issue in your case.
>
> Regards,
>
> Richard Zaluski
> CISO, Security and Infrastructure Services iVOLUTION  Technologies
> Incorporated
> 905.309.1911
> 866.601.4678
> www.ivolution.ca
> rzaluski () ivolution ca
>
>
> Key fingerprint = DB39 7FC3 1F5D AD94 85DD  78B0 774D 5DE5 B011 BD8C
> ======================================================================CONFIDENTIALITY
> NOTICE: This email message, including any
> attachments, is for the sole use of the intended recipient(s) and may
> contain confidential and privileged information. If you are not the
> intended recipient, please contact the sender. Any unauthorized review,
> use, disclosure, or distribution is prohibited.
> =====================================================================-----Original
> Message-----
> From: glemmon () onealwebster com [mailto:glemmon () onealwebster com]
> Sent: Tuesday, June 21, 2005 2:35 PM
> To: pen-test () securityfocus com
> Subject: CEH training
>
> Hi all,
>
> I am looking at getting some training to start my official journey down
> the path as a Security Penetration Tester - and was wondering about the
> views on taking the Intense School's CEH boot Camp. Has anyone on/from the
> list attended their course and have and feedback/recommendations? My
> background is predominantly Windows, but I am fairly functional with
> Linux.
> I am more interested in online courses right now though only because I am
> currently involved in some projects that require me to be available for my
> office = over the next couple of months. Any constructive feedback is more
> than = welcome.
> Thanks
>
>
> Gregory Lemmon, MCP, Security+
> I.T. Manager


-- 
When did I first realize I was God ?
Well, I was praying. And suddenly, I realized I was talking to myself.